CVE-2025-59367

CRITICAL

Asus Dsl-ac51 Firmware < 1.1.2.3_1010 - Missing Authentication

Title source: rule

Description

An authentication bypass vulnerability has been identified in certain DSL series routers, may allow remote attackers to gain unauthorized access into the affected system. Refer to the 'Security Update for DSL Series Router' section on the ASUS Security Advisory for more information.

References (1)

[Vendor Advisory] https://www.asus.com/security-advisory

Scores

CVSS v3 9.8

EPSS 0.0024

EPSS Percentile 47.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-306 CWE-288

Status published

Products (3)

asus/dsl-ac51_firmware < 1.1.2.3_1010

asus/dsl-ac750_firmware < 1.1.2.3_1010

asus/dsl-n16_firmware < 1.1.2.3_1010

Published Nov 13, 2025

Tracked Since Feb 18, 2026